| With the deepgoing informationization in modern society, USB portable storage devices arewidely used in all kinds of data storage and information exchange situations because of theirvarious advantages. However, due to the lack of security mechanism, the data security problemsare coming out one after another. The present solutions to enhance USB portable storage devices’security are either not mature enough or lack of hardware support. Hence, this paper explores thedata security problems of USB devices from the view of the bottom hardware layer.Aimed at the existing security threats to USB devices, this paper summers their securityrequirements. Combined with the implementation characteristics of every security mechanism,the security functions are distributed in each layer of the USB system properly. Based on which,a security model of USB device controller is built and the needed security functions as well asthe security services supplying to upper levels of the controller are ensured. Then, the securityUSB device controller overall framework is designed, supplying powerful theory support to thedesign of security scheme and also the implementation of prototype system.Following the USB2.0specification, on the base of the security USB device controlleroverall framework, this paper minutely designs and implements both the fundamentalcommunication and the security modules of the controller, providing the hardware support forthe security protocol design.Aimed at the security defects existing in present USB authentication schemes, anAuthentication and Key Agreement (AKA) protocol applied for USB communication system inthis paper is designed. Then, using the strand space modeling, the authentication andconfidentiality are proved. After that, the proposed scheme is analyzed. The results show that,this scheme can not only authenticate the users, hosts and devices, but also transmit the USB busdata safely in protect of the agreed key, so that it can defense attacks such as side channel attack,impersonation attack, replay attack, and snoopy and so on. Besides, this scheme has highsecurity and little computing cost.Based on the above work, the prototype system is implemented and functions of thecontroller are tested in this paper. The tests show that, the designed prototype system works welland achieves the prospective design goal.A secure USB device controller is designed in thispaper. Providing transparent, stronger security services for upper layers, it has a significantmeaning for improving USB devices security level and promoting USB technology applying inhigh security areas. |
PDF Full Text Request